Improving Your PC Privacy
From the simple to the byzantine
Let me start by addressing the question that many reading this will have - why do I need to secure my data? Don’t companies already have all my data? Isn’t the data they have on me largely useless?
Well, the short answer is, you’re only partly correct. It is an unfortunate reality of our current surveillance capital state that data collection has long since surpassed the point of feeling avoidable or even comprehensible. The public perception thus becomes that any privacy effort is futile, and that the data collection can’t be that harmful in the first place. This is quite misguided, and it is precisely this attitude that allows this rampant violation of consumer privacy to continue.
It is important to remember that with a large enough volume of data, companies can find trends and patterns that would be impossible to spot otherwise. For instance, back in 2012, a story of Target predicting and accidentally revealing a teen pregnancy went viral, raising the debate about company data collection. (Since then, it has been pointed out that while Target’s pregnancy prediction was real, it was hardly infallible, and the specific story that went viral could have been exaggerated or fictitious). The point, however, is this - companies collect significantly more information than the average person is aware of, and they can do a lot more with it than you might realize. Stories like the Target one are only less frequent now because companies know to downplay their capabilities - Target themselves intersperses the pregnancy ads with other ones to avoid shocking their customers (and to avoid false positives).
I could continue to talk at length about the concerns, but I hope that anyone who clicked on this article and read this far is sufficiently hooked. The article is roughly laid out starting with the easiest steps that help the most, on to the more technical. It will be focused more on Windows, although many steps apply to Linux as well. Having realized how long this article was growing, I added a very brief summary of the major points at the beginning. Please read the full article to understand the reasoning and to get a number of tips that I couldn’t easily summarize.
For escaping Google specifically, see my article on it! I also have written an iOS privacy article, found here. Stay tuned for a FOSS/Fediverse focused one. I would also recommend checking out the Freedom of the Press Foundation’s article on securing your Wi-Fi router.
Resources
This article draws on a number of resources, primarily trustworthy sources of recommendations and resources to test/compare privacy for yourself. I’ve laid out the ones I most frequently reference here.
Privacy Tests - A website which compares open-source tests of browser privacy. It is one of the easiest ways to quickly compare the major browsers.
Avoid the Hack’s Browser Comparison Tool - similar to Privacy Tests, but more generalized and with information on more browsers.
Privacy Guides and Avoid the Hack - Websites managed by people familiar with the privacy world, and so tend to have much better recommendations than similar sites. You can find recommended browsers, operating systems, email providers, etc. Most (but not all) topics I will cover can be found on these sites as well.
EFF’s Cover Your Tracks - A tool that attempts to fingerprint your browser in order to determine how protected you are. Extremely helpful for testing whether features are truly improving your privacy.
O&O Software - Makers of a number of tools that can make Windows more secure/private. Many of the tools are paid, but AppBuster and ShutUp10++ are both free, and I highly recommend ShutUp10++ in particular.
The Very Brief Summary
I recommend Librewolf, Mullvad, and Tor for browsers, depending on use-case and privacy needs. Librewolf is my recommendation for most users and use-cases, but all three are good browsers. Startpage is my recommended search engine, though I would occasionally use SearXNG for finding torrents or more niche material, and I also recommend DuckDuckGo minus the AI features as another great general use engine. I recommend any Firefox/Librewolf users use uBlock Origin, Port Authority and Canvas Blocker as hardening extensions.
For Windows users, disable any “personalization” and ad features that you can find. I highly recommend using ShutUp10++, which will help you disable the vast majority of Windows’ most privacy-violating features. I also recommend enabling Random hardware address, among other changes. It may be wise to consider ditching Windows entirely as well.
I recommend both Mullvad DNS and VPN and using Exif Cleaner and BleachBit to clean metadata / data fragments. I’d use VLC Media Player as your media player of choice, LibreOffice or OnlyOffice in place of the Microsoft Office suite, Sumatra PDF in place of Adobe, KeePassXC as a password manager (or Bitwarden if you need cloud-based password management), and Jitsi Meet for video conferencing (when possible of course).
I recommend Tuta as an email provider and Linux Mint or Fedora KDE as Linux distributions. For the truly privacy conscious, the live OSs Tails and Whonix are worth checking out. However, as I conclude, 100% privacy is not really achievable, so you should simply do what you’re willing to do to improve your privacy.
Browser
A quick note to begin - browser selection does not have to be all-or-nothing. You could use one for work and one for personal use, or use one regularly with others as backups. There’s no need to put all your eggs in one basket; in fact, considering fingerprinting capabilities, it can be very beneficial to be willing to swap between browsers and keep activity separate.
Unsurprisingly, you should not be using Chrome (as your main browser, anyway). It is the most commonly used browser, and as such perhaps the most compatible across the web, but nonetheless terrible from a privacy perspective. Anything running on Chromium (which many browsers are) is inherently a poor choice, as Google embeds trackers and limits the security and privacy extensions available to users. “Ungoogled” Chromium does exist, but still possesses many of the base privacy flaws that regular Chromium does.
I would encourage looking at a site like Privacy Tests or Avoid the Hack to see the differences in detail yourself. You’ll note that for test results like cross-site tracking, there are roughly 3 browser categories - popular browsers, privacy-focused browsers, and privacy-lite browsers. Safari, DuckDuckGo, and Brave, for instance, pass more tests than the most popular browsers like Chrome, putting them in that privacy-lite category. Librewolf, Mullvad, and Tor all pull far ahead of the pack, making up the privacy browser category.
This may be slightly surprising, as Brave, for instance, is often marketed as a more privacy-conscious browser. This is why it is incredibly important to dig into features and company backgrounds, and to not just listen to marketing. While Brave is perhaps the clear Chromium-based choice, and does out-perform Safari and DDG, it doesn’t quite measure up to other options. I’d also add that the CEO of Brave is against gay marriage, among other things, so I would personally steer people away anyway.
Some people may also be surprised that Firefox falls into the less private category, particularly when both Tor and Librewolf are based on Firefox. Out of the biggest browsers (Chrome, Edge, etc) Firefox is indeed a slight step up, but out of the box, it offers few additional privacy features. In other words, I largely don’t recommend it because it is far more prohibitive to secure/make private than options that are more private to begin with. If you’re set on securing Firefox, I highly recommend the Privacy Guides page on it and my section on extensions. You can use EFF’s Cover Your Tracks to see how well your browser and/or extensions resist fingerprinting. Now, onto our front-runners.
Tor - Anyone in the privacy world can immediately tell you that Tor is the gold standard for a private browser. This is due in part to the features embedded in the browser itself, blocking harmful content and trackers, and is also due in large part to the Tor Network. Every connection - every website visited - is first routed through three relays. The traffic is encrypted, such that the middle relays cannot read it. Therefore, the website being visited knows that you are using Tor, but otherwise has no idea who you are, and your Internet Service Provider (ISP) knows who you are and that you’re using Tor, but not what you’re searching. This privacy does come with a price - the blocking features of the browser will sometimes cause websites to break, and the routing can make browsing slower. In my use of Tor it’s been a mixed bag, but given that some websites will even block Tor, I’m not inclined to recommend it as a daily driver.
Mullvad - Mullvad is a highly respected company within the privacy space, also known for their VPN (Mullvad VPN). Their browser very slightly out-performs Librewolf in privacy tests, which isn’t too surprising, as Mullvad collaborated with the Tor Project in making the browser - the browser is essentially Tor minus the Tor network. Like Tor, it operates in permanent private browsing mode, meaning cookies and browsing history are cleared on each close. I would therefore recommend it as the privacy-conscious, more-reliable-than-Tor choice, but if you want to stay signed into sites, consider using Librewolf.
Librewolf - A fork of Firefox. In essence, Librewolf updates with Firefox, but strips out any telemetry features or similar and adds additional privacy features. I recommend using hardening extensions with Librewolf, though be aware that making Librewolf roughly as private as Mullvad will likely result in it being slightly slower than Mullvad. Zen Browser and Waterfox are other Firefox fork options that are likely a bit better than base Firefox, but without good tests to compare them, I can’t strongly recommend them.
Browser Settings
Even the more privacy-minded browsers will not necessarily default to their most secure or private settings, so it is very important for any browser to carefully review the settings. Even a less private browser like Firefox can be hardened significantly through good settings and extensions. On the flip side, the better browsers may have default settings that don’t fit your use case.
For starters, I would highly recommend that users of any Firefox-based browser read through Privacy Guides’ recommended settings. More broadly, all browsers will have a “Privacy and Security” settings page that is particularly worth looking through. There may be a tracker blocker here, tools to reduce fingerprinting, HTTPS-Only mode, and DNS over HTTPS. These are all generally good; just keep a lookout for any warnings about settings potentially breaking websites, and judge whether that is a potential annoyance you want to deal with. Librewolf’s Resist Fingerprinting and Limit cross-origin referrers are such features. The former is quite unintrusive, but the latter will break sites occasionally, so I do not use it, personally.
Do Not Track Request - This is a setting found on many browsers now, and while it sounds good, I recommend against enabling it. According to the Mozilla Foundation, many websites ignore this request, and it may decrease privacy in some cases. The foundation recommends the “Tell websites not to sell or share my data” setting instead. I am not aware of privacy concerns with the latter setting, and it is actually legally enforced in a few places.
Extensions and Fingerprinting
While extensions can add features and help protect you against additional threats, any modification to your browser has the potential to make it more identifiable. And, of course, more extensions means more developers you are trusting with your data. Any “privacy” extension should be thoroughly vetted and tested, if possible, to ensure that it is actually beneficial.
I’d recommend Librewolf users use uBlock Origin and Canvas Blocker. It is the only configuration with which I have gotten a “non-unique” fingerprint rather than a unique one on EFF’s Cover Your Tracks. Mullvad, for comparison, can have a “non-unique” fingerprint by default, on account of all Mullvad users looking the same to websites. My hardened, updated Librewolf browser was about 1 in 3k browsers (~11.4 bits of identifying info) while Mullvad was 1 in 2k (~10.91 bits). Before updating my browser, my Librewolf fingerprint was unique, but I could bring it to “nearly-unique” (1 in 100k browsers) via User-Agent Switcher. So, User-Agent Switcher can be helpful, but not always (and can make you more identifiable, so use with caution)!
I will also note that since both Mullvad and Librewolf are built on Gecko (the software underlying Firefox), the bits of identifying info will tend to increase the further out you are from the most recent update, even if you’re on the most recent version of that browser. For instance, while my initial test with Mullvad put me at 1 in 2k browsers, at time of editing, it puts me at 1 in 16k (14.0 bits). Still much better than default Librewolf or Firefox, but actually weaker than my current hardened Librewolf at 1 in 5k browsers (12.34 bits). This is entirely due to Mullvad appearing as Firefox 140, while Librewolf appears as Firefox 144 (only one version behind current Firefox at time of writing).
So, technically, a well-hardened Firefox will be the most fingerprint-resistant, since you have more users to blend in with. In practice, it may be challenging for most users to match Librewolf or Mullvad’s defenses. NoScript would be the main additional extension to accomplish this, in addition to the aforementioned extensions and Privacy Guides’ recommended settings. I’d also recommend both Librewolf and Firefox users use Port Authority, though port scans are a fairly uncommon fingerprinting vector (as evidenced by Cover Your Tracks not making use of them).
Both Tor and Mullvad have enough anti-fingerprinting and blocking measures of their own that I wouldn’t recommend Canvas Blocker or Port Authority for those browsers. I will, however, point out that Tor does not come with uBlock Origin by default, and I would highly recommend uBlock for every browser.
uBlock Origin - The gold-standard content/ad blocker. It is not available on Chromium-based browsers, which is simply one more reason to avoid such browsers. It comes with multiple large lists of ad, tracker, malware, and annoyance domains that it can block, and you can import additional block lists as well. It is preinstalled on Librewolf and Mullvad, and I’d urge everyone to use it.
Port Authority - Blocks port scans: completely unnecessary scans that websites will sometimes run that can expose information about devices on your network, which can in turn be used for fingerprinting. Please note the developer’s warning when installing - there is a browser setting that you should change to avoid DNS leaks when using the extension. After that, you can forget about the extension almost entirely. I recommend using this, unless you are using a browser with No Script, which will likely make it redundant.
Canvas Blocker - Prevents fingerprinting via spoofing or blocking canvas access. Spoofing the canvas is slightly more anonymizing, and this is the default setting of Canvas Blocker. This can potentially break website features - I have to have Substack whitelisted to be able to italicize, for instance. It also tends to slightly slow down browsing, but can have a big impact on fingerprinting.
User-Agent Switcher - Changes your user-agent, allowing you to appear to websites as different operating systems / browsers (though your true configuration can still be found via JavaScript). This can be useful for avoiding fingerprinting, just be aware that some user-agents can make websites break. More crucially, altering your user-agent can potentially make you stand out more depending on your true and chosen user-agents. Choose wisely; updating or switching browsers is usually a better means of obtaining an unassuming user-agent than trying to spoof it.
No Script - I list this extension purely for posterity’s sake, as I wouldn’t really recommend it to the average user. No Script combines many of the features of previous extensions and more, allowing users to block any number of domains and website features. In other words, it can do just about anything that you might want a security/privacy extension to do, which is why it comes preinstalled on the Tor and Mullvad browsers. This customization is really why I don’t recommend it on other browsers, as the average user will have little idea what to block or limit. I myself am a little too far from being a website developer to make good use of it.
Firefox Multi-Account Containers - One last recommendation, and a little more niche. This extension is good specifically for compartmentalization and reducing cross-site tracking. Essentially, rather than cookies being shared across the browser, they are only shared within containers. You could, for instance, make a work container and a personal container, keeping your work data and accounts separate from your other browsing. I’d recommend it, but only for those using it as an organizational tool as well; the privacy gains are minimal compared to most of what I’m discussing. Privacy browsers can fulfill most of this functionality on their own.
Search Engine
When it comes to search engines, there are effectively 4 types - customizable meta search engines, engines that privately query through Google or Bing, engines with their own search algorithm that use Google or Bing’s web index, and engines with their own algorithm and index. Some of the main free options are:
Meta Search Engines - SearXNG, MetaGer
Bing/Google Wrappers - Qwant, Startpage, Ecosia
Bing Index - DuckDuckGo
Solo - Mojeek, Brave Search
For a deeper analysis and a few additional options, see Avoid the Hack’s and Privacy Guides’ pages on search engines. I’ve also heard good things about Kagi, a paid search engine.
Breaking them down this way, I can comment on some broad trends. Meta search engines can be far more effective than other search engines, since they aggregate the results from multiple distinct engines. However, this wide spread also increases search time, and querying other engines can occasionally fail and turn up no results. Their maximum effectiveness, however, leads me to recommend keeping SearXNG as a potential engine to search from. I unfortunately have yet to thoroughly test MetaGer, so the specific choice is not the most well founded, but I have heard more good reviews of SearXNG. I can at least say that having used SearXNG, the capabilities are very impressive. Note that unless you self-host it, you will have to trust the instance you choose, so be sure to choose carefully and read the privacy policy.
Solo engines have effectively the opposite problem of meta engines, being as responsive as major engines but returning fewer results. I would recommend against Brave Search in particular, as the CEO is opposed to gay marriage and in general rather right-wing. This leaves the middle two categories. The wrappers will be about as effective as Google and/or Bing while being more private, and the index engines will be more private than and comparable in effectiveness to Google or Bing, but may be a bit better or worse depending on their algorithm. I find Google to be far more effective than Bing - therefore, I’m most interested in the index engines and the Google wrappers.
This leaves us with three engines: Startpage, Ecosia, and DuckDuckGo. Ecosia temporarily logs your IP address, and given that it is not mentioned by either Avoid the Hack or Privacy Guides, I am inclined to think that their privacy policy is worse than I am able to parse on my own. DDG and Startpage are both good options, though DDG keeps logs of searches for product improvement and has been adding (admittedly optional) AI features to its engine lately. Therefore, I recommend Startpage as the best general use search engine, with DDG close behind. Mullvad offers DDG without AI features as a search option (though the default is regular DDG), so given DDG’s additional features (search bangs, filtering out AI images), I’d actually favor it over Startpage. Interested users can use DDG without the AI at noai.duckduckgo.com, though I’ve yet to see a browser other than Mullvad make this version of DDG available by default.
Base Windows Settings
Windows is hardly the most private or secure operating system, and what I have written here is not intended to wholly make up for its shortcomings. Much like the choice of browsers, Windows can be significantly improved, but that is far from saying it is the “best” choice (see my later section on other operating systems). Perhaps most pressing to me, Windows is proving to be increasingly hostile to user privacy. There’s the wide-spread adoption of AI features and, most recently, Windows has begun forcing users to have online accounts.
At this point, I’d recommend anyone who feels comfortable to jump to Linux to do so. Otherwise, you can install a modified version of Windows without the bloat/spyware - you can read this thread on doing that manually. Tiny10 and Windows 10 Lite purport to be clean Windows 10 installs (minus Windows software, like Windows Defender), and Revision says it can clean existing Windows 10/11. Please examine them carefully if you’re interested; I can’t find much to confirm their trustworthiness (and you certainly should have an antivirus, so tread with caution). A last option would be a sly trick on a regular install - by setting your time zone to an unknown location, Windows will not install a lot of its bloatware. This trick still leaves Windows telemetry, so if you’re willing to reinstall your OS, go with one of the previous options instead.
Barring messing with your operating system directly, though, there are certainly still important steps you can take. Try to review what you have running through Task Manager, Task Scheduler, and/or Services (any of which you can get to via the Windows search bar, if you weren’t aware). The steps I have below should cover the main privacy basics, but perhaps not all, and they certainly do not cover all Windows bloatware, so please consider looking yourself!
ShutUp10++ - I’d highly recommend using ShutUp10++, which will give you a GUI with switches for invasive Windows 10/11 features and their recommendation whether they should be enabled/disabled. It turns features off entirely, and so in all is a very powerful and easy tool to use. Just be sure to read the descriptions of settings so you don’t accidentally disable features you want. A few of the below settings will be redundant with ShutUp10++.
Privacy.sexy - I suggest it as a potential alternative to ShutUp10++. Privacy.sexy has slightly more customization and a little more transparency than ShutUp10++, but is much less intuitive to use. All are really for the same reason - privacy.sexy gives you commands to run, rather than keeping everything behind a GUI, making it a little easier to mistakenly disable a useful/needed feature if you don’t know what you’re doing.
Privacy and Security - In settings, go under Privacy & Security. Under General, turn off the Advertising ID in particular, along with the other settings in that section (except notifications). Under Diagnostics & Feedback and Text & Image Generation, disable everything. Disable Inking & Typing Personalization as well. Under Location, turn off Let Apps Access Your Location (they can still see approximate location; this just gets rid of precise location). Consider going through all Privacy & Security settings and disabling any access that isn’t necessary.
General Settings - Under Personalization > Device Use, turn off all settings. Also disable System > Nearby Sharing and disable and remove anything under System > AI Components. Under Time & Language > Typing, consider disabling Typing Insights (the insights are supposed to be local only, but call me paranoid).
Wi-Fi - Go under Network & Internet > Wi-Fi. Hardware properties is where you can change DNS settings; I elaborate more on what a DNS is in a later section. Below Hardware properties, enable Random hardware address. This will automatically rotate your MAC address, a piece of identifying information akin to an IP, but for your PC hardware rather than Wi-Fi network. It can potentially disconnect you from certain networks, though I haven’t had this problem.
Services - Disable SSDP Discovery and UPnP Device Host. Both enable discovery and communication with different types of devices on your network, so this could potentially disconnect a device. This generally does not apply to standard Bluetooth devices, so for most people this is likely a security risk more than anything.
DNS / VPN Providers
DNS Providers
The Domain Name System (DNS) is a service that associates domain names (URLs, in other words) with IP addresses. This is generally handled by your ISP, but ISP DNSs are often less private, potentially leaking some of your browsing activity. Virtually any privacy browser or VPN will have one or more DNSs to choose from, so you’ll rarely need to seek out a DNS provider on your own. However, you may not always be using your most private browser and may not have a VPN, so knowing the providers can still be helpful.
The most popular and widely recommended options are Cloudflare, Quad9, and Mullvad. Of these, only Mullvad DNS is exclusively encrypted and has a zero data collection policy, making it my recommendation. It has some good block lists as well. Quad9 is more likely to be provided by default by a browser or VPN, and really isn’t terrible either. Really, any “private” provider is likely to be a slight improvement over your ISP DNS. See Mullvad or the chosen provider’s page on how to set the DNS up under Wi-Fi Hardware settings or browser settings.
VPNs
Virtual Private Networks (VPNs) route your traffic through a server before accessing any content. In other words, to the website, you appear to be the VPN server, which slightly anonymizes you and can help circumvent locational blocks. I should stress that VPNs (especially on their own) are not as private as advertisements may have you believe. As with DNS providers, finding a trustworthy provider is crucial. Even then, a single hop still leaves a significant amount of room to potentially de-anonymize you. This is why the Tor browser has 3 hops. I should add here - do NOT use a VPN with Tor! It is likely to make you less anonymous!
Having said that, it is still a useful tool, particularly if you aren’t committing to using Tor all the time. When on the lookout for VPNs, it is best to carefully consider privacy policies and the company’s real steps towards keeping your browsing private. Virtually any of the most popular VPNs - NordVPN, ExpressVPN, etc - fall short of privacy expectations. It is also good to look for VPNs that use WireGuard, a newer VPN protocol. WireGuard does not yet have the long-term stress-testing that OpenVPN has had, but it is very promising, so VPNs that offer WireGuard are often those more on the “cutting edge”. I would lastly add that a few of the popular VPNs are owned by Kape Technologies, which is an Israeli company that has had a number of shady characters at the reins. Perhaps most frighteningly, former CEO (2016-2023) Ido Erlichman was a member of the Duvdevan, an Israeli commando group known for infiltration and assassination. Taking this alongside Kape Tech formerly being known for making data-stealing ad-ware, I cannot recommend more emphatically to not trust them or their subsidiaries as VPN providers.
IVPN, Mullvad VPN, and Proton VPN are the best major options, with Windscribe and VPN.AC as potential less popular options (per ProPrivacy). I cannot find many sources to confirm the latter two’s trustworthiness, and ProPrivacy’s reviews are weighted by cost, customer service, and other factors in addition to privacy, so we’ll focus on the major players. I would recommend against Proton VPN, mostly from an eagle-eye look at the company. While their policy and protocols are all solid and above board, there have been some reasons to question the true intentions of the company. For instance, misleadingly saying they kept “no logs” when they do, in fact, keep logs of IP addresses, emails and such. What is true is that Proton keeps very few, if any, logs that aren’t legally necessary. Their “no log” claim has since been changed, but when I take this alongside CEO Andy Yen’s comments about Trump, I find reason to question their motives. I should note that Yen’s comments were hardly what they’ve been made out to be, but his seeming eagerness to praise Trump (for a rare, admittedly good move) does leave a bad taste in my mouth. I would still recommend Proton VPN to anyone who can’t afford to pay for a VPN, but otherwise I’d stay clear just to be extra safe.
Between IVPN and Mullvad there isn’t a huge gap. Privacy Guides does not strongly recommend one over the other, but does point out that Mullvad VPN has better IPv6 support and additional anti-censorship features, leading to it being my recommendation. Again, remember - VPNs are not the end-all of privacy, not by a long shot. Always be aware that they have a number of weaknesses, and please don’t be foolish enough to try to commit crimes with them.
Portmaster
Portmaster is primarily a highly customizable firewall, allowing you to control exactly what online access different parts of your PC have. You can even block apps from accessing the web entirely. Portmaster also has their “SPN” feature, which allows different connections to be associated with different IP addresses, segmenting your online activity. It’d be much harder to tell that your Steam activity and your web browsing, for instance, came from the same device. I am unsure as to the exact rigor of Portmaster’s protocols, so I hesitate to strongly recommend them. They have, however, begun collaborating with IVPN, which is a very good sign, considering IVPN’s own excellent reputation. I would encourage users who want complete control of their network activity to check Portmaster out. Otherwise, I don’t see SPN as being a large enough privacy improvement to warrant using Portmaster over VPN/DNS services.
Other Software
AppBuster - Windows has, in addition to blatant privacy issues, bloatware that comes preinstalled on PCs. Some apps are hard to locate and remove, and so I recommend using AppBuster, made by the same group as ShutUp10++. AppBuster, much like ShutUp10++, presents a GUI with its recommendations of what to do; in this case, to keep or to uninstall an app. Unfortunately, AppBuster is much less thorough in what it actually has recommendations for, and ultimately is more helpful to clear space than to improve privacy. I recommend checking it out nonetheless. (In spite of AppBuster’s recommendation, don’t uninstall the Xbox Game Bar if you’re someone who uses an Xbox controller on your PC).
BleachBit - As with AppBuster, the primary use of BleachBit is to clear space, with some secondary privacy gains. Namely, BleachBit clears data fragments, temporary files, and even (optionally) browser caches, saved passwords, etc. This can potentially clear several gigabytes of space, and the cleaning of data fragments ensures that deleted files are well and truly deleted. Data fragments are a tangible privacy concern; however, they are only really a threat once a party has access to your device. In other words, regularly using a program like BleachBit is a great habit, but unlikely to affect your privacy unless your device itself is seized or compromised.
ExifCleaner - Exif (Exchangeable image file format) is a standard that specifies metadata formats for image and sound files. ExifCleaner is one of several programs available to wipe the metadata from selected pictures and videos. I should note that it isn’t actively maintained anymore, posing potential security risks down the line. ExifTool, which ExifCleaner is built on, is likely a better pick in that regard, but is command-line only (MAT2 is another primarily command-line option). Regardless, cleaning metadata is good practice for any such files that you plan to post online, as the metadata will contain location, time, and system information. This likely isn’t much of a concern for most people’s social media posts, as one can assume that much of your online presence there is already quite de-anonymized. I would, however, highly recommend using ExifCleaner or a similar tool to clean any files that you want to remain pseudo-anonymous. Nudes, for example, particularly any shared with strangers or shared publicly online. A cheeky un-sanitised picture could easily turn into a full doxx if it wound up in the wrong hands.
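To make concrete what a metadata cleaner removes, here is an added Python example (not part of ExifCleaner, ExifTool or MAT2, and not from the original article) that lists the identifying Exif tags in a JPEG and then drops the Exif/XMP, IPTC and comment segments while leaving the image data untouched. The sample file is constructed in the code and is a valid segment layout rather than a viewable photo; the function names are made up for this example.

```python
import struct

SOS, APP1, APP13, COM = 0xDA, 0xE1, 0xED, 0xFE
STRIP = {APP1, APP13, COM}  # Exif/XMP, Photoshop/IPTC, free-text comment

# IFD0 tags that reveal device, time and location details
TAGS = {0x010F: "Make", 0x0110: "Model", 0x0131: "Software",
        0x0132: "DateTime", 0x8769: "ExifIFD", 0x8825: "GPSInfo"}


def segments(jpeg):
    """Yield (marker, start, end) for each header segment up to and including SOS."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"bad marker at offset {pos}")
        marker = jpeg[pos + 1]
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])  # includes itself
        end = pos + 2 + length
        if length < 2 or end > len(jpeg):
            raise ValueError("truncated segment")
        yield marker, pos, end
        if marker == SOS:  # compressed image data follows; stop parsing
            return
        pos = end


def exif_tags(jpeg):
    """Names of privacy-relevant IFD0 tags in the Exif segment, in file order."""
    for marker, start, end in segments(jpeg):
        body = jpeg[start + 4:end]
        if marker != APP1 or not body.startswith(b"Exif\x00\x00"):
            continue
        tiff = body[6:]
        order = {b"II": "<", b"MM": ">"}.get(tiff[:2])  # little or big endian
        if order is None:
            raise ValueError("bad TIFF byte-order mark")
        magic, ifd0 = struct.unpack(order + "HI", tiff[2:8])
        if magic != 42:
            raise ValueError("bad TIFF magic")
        (count,) = struct.unpack(order + "H", tiff[ifd0:ifd0 + 2])
        found = []
        for i in range(count):  # each IFD entry is 12 bytes, tag id first
            off = ifd0 + 2 + 12 * i
            (tag,) = struct.unpack(order + "H", tiff[off:off + 2])
            if tag in TAGS:
                found.append(TAGS[tag])
        return found
    return []


def strip_metadata(jpeg):
    """Return (cleaned_bytes, [(marker, size), ...]) with metadata segments removed."""
    out, removed, saw_scan = bytearray(b"\xff\xd8"), [], False
    for marker, start, end in segments(jpeg):
        if marker in STRIP:
            removed.append((marker, end - start))
            continue
        out += jpeg[start:end]
        if marker == SOS:
            out += jpeg[end:]  # scan data and end marker copied untouched
            saw_scan = True
    if not saw_scan:
        raise ValueError("no image data found")
    return bytes(out), removed


def sample_jpeg():
    """Constructed sample: JFIF header, Exif (Make, DateTime, GPS pointer), comment."""
    def seg(marker, payload):
        return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload
    # (tag, type, count, offset): ASCII Make, ASCII DateTime, LONG GPS IFD pointer
    entries = [(0x010F, 2, 6, 50), (0x0132, 2, 20, 56), (0x8825, 4, 1, 76)]
    ifd = struct.pack("<H", len(entries))
    ifd += b"".join(struct.pack("<HHII", *e) for e in entries) + struct.pack("<I", 0)
    tiff = b"II" + struct.pack("<HI", 42, 8) + ifd
    tiff += b"CamCo\x00" + b"2024:01:01 12:00:00\x00" + struct.pack("<HI", 0, 0)
    scan = b"\x12\x34\x56\xff\x00\x78"  # stand-in for compressed pixels
    return (b"\xff\xd8"
            + seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
            + seg(APP1, b"Exif\x00\x00" + tiff)
            + seg(COM, b"shot on my laptop")
            + seg(0xDB, bytes(65))
            + seg(SOS, b"\x01\x01\x00\x00\x3f\x00") + scan + b"\xff\xd9")


if __name__ == "__main__":
    photo = sample_jpeg()
    print("before:", exif_tags(photo))
    clean, removed = strip_metadata(photo)
    print("removed:", [(hex(m), n) for m, n in removed])
    print("after:", exif_tags(clean))
```

Checking the cleaned file with exif_tags before posting confirms the strip worked; a file whose GPS data lives in another container (PNG, HEIC, video) needs a tool that understands that format.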
More generally, I recommend using VLC Media Player as your media player of choice, LibreOffice or OnlyOffice in place of the Microsoft Office suite, Sumatra PDF in place of Adobe, KeePassXC as a password manager (or Bitwarden if you need cloud-based password management), and Jitsi Meet for video conferencing (when possible of course). I have less detailed thoughts for these products, but in short, they are among the most trusted and private apps for their respective services.
Mail
There are a number of email providers that are considerably more private and secure than Google, allowing encryption, custom domains and aliases, and private payment methods. And yes, many alternatives are paid, or at least have a paid option. It is the price of a better, more independent product.
Be aware, however, that the differences in privacy mainly come down to your data being harder for the provider to access, having spoof emails, and slightly better filtering/blocking. Not to mention, of course, having the provider be someone other than Google. The possible improvements are not quite as dramatic as other services; email is difficult to make truly private/secure. I at least recommend using a slightly more secure client, though. Thunderbird, for instance, can access your Gmail while blocking potentially harmful content and keeping you slightly more private.
Some of the main private email providers available are Tuta, Proton Mail, Mailbox.org, StartMail, Mailfence, and Zoho Mail. The generally favored choices among those are Tuta, Proton Mail, and Mailbox.org. All have free plans, but Proton Mail and Mailbox.org have more private features. Having said that, I would personally tend away from Proton due to their CEO seeming a little overly positive towards Trump, as mentioned previously. It is, admittedly, not a strong inclination. I merely lost some trust in them, personally.
Tuta still has a very solid reputation, and the only real downgrade in features from the other two comes down to the availability of end-to-end encryption (E2EE). As the name implies, E2EE needs to be on both ends, meaning it can only be used between users who are both encrypting/decrypting. Unless, in other words, you can find someone else to use a secure email provider or encryption plugins, you won’t be using E2EE. Tuta does not use OpenPGP, meaning that Tuta users are further limited to using E2EE only with other Tuta users. But again, as you need someone using similar tools on the other end, this will not make a difference for most users. Therefore, I’d recommend Tuta as the best email provider for most people, as I’ve heard better things about its user experience. Mailbox.org still seems like a great option if you do want E2EE.
Other Operating Systems
Linux Distributions
Given the various issues I have mentioned with Windows, it should come as no surprise that the privacy-conscious OS choice is Linux-based, not Windows. There are a number of distributions to choose from, many of which are based on other distributions. It would be very difficult for me to be completely comprehensive, but I’ll cover some of the most popular recommendations here.
For the easiest introduction into Linux, some options are Linux Mint and Pop!_OS. Linux Mint is perhaps the closest to the Windows feel out of any Linux distribution, and Pop!_OS is similar in feel while having the added benefit of being encrypted by default. Linux Mint has been around longer and, to my understanding, is better maintained than Pop!_OS, so it’d be my recommendation for most novice users. If stability and support are the focus rather than Windows feel or getting more regular security updates, another option would be Debian. I’d recommend against Ubuntu (one of the most popular distros) as it is fairly corporate, and has, at least in the past, come with telemetry by default.
Following these are what Avoid the Hack calls “average to advanced” operating systems, in particular Fedora and openSUSE Tumbleweed. Both are allegedly relatively easy to use for those with a general understanding of Linux (i.e., not that easy). Privacy Guides recommends Fedora, and so I am inclined to choose it for those willing to tackle a more customizable, less novice-friendly Linux distribution. Fedora has two primary offerings for PCs - Fedora Workstation and Fedora KDE. There are a few differences between them, with the most immediately obvious being that out of the box, Fedora KDE more resembles Windows while Fedora Workstation looks more like macOS. So based mostly on my own function/aesthetic preferences, I’d recommend Fedora KDE.
Qubes OS
Qubes OS is the typical recommendation for a truly security-focused operating system. It secures the PC by isolating various subsystems and applications into their own “qubes”. This can even include multiple operating systems running within Qubes. This isolation means that should one part of the system be compromised, the rest of the system is likely to be protected.
The isolation also means that Qubes is quite unique in use and occasionally less stable than previously mentioned operating systems. Unless you are committed to maximum security and/or are quite technically proficient, I recommend against Qubes.
Live Operating Systems
In addition to traditional operating systems, you also have the option of “live” operating systems, meaning OSs you can run without replacing your “true” OS. Live systems are obviously less convenient for everyday use, but can be extremely effective in anonymizing yourself when necessary.
Tails - The Amnesic Incognito Live System is an operating system that can boot from a DVD or USB and leaves no trace on your system, running only from memory and never writing to disk. This “amnesia” and easy boot-ability, coupled with forcing connections through Tor and other features, makes it perhaps the best system available for counter-forensics. In other words, this is the system of choice for people secretly writing to reporters and the like. Privacy Guides, however, finds it lacking in security features when compared to Whonix.
Whonix - Unlike Tails, Whonix is run inside of your existing OS using Virtual Machines (VMs). One is called the “Workstation” and the other the Tor “Gateway”. Everything from the Workstation must first go through the Gateway, meaning that even if the Workstation is compromised, identifiers like the true IP address remain private. This, alongside other features, makes it even more private and secure than Tails.
As you may imagine, then, a recommended maximum security and privacy setup could be said to be a PC running Qubes OS that then runs Whonix inside of it, keeping everything isolated and everything routed through Tor. I don’t expect a single human being reading this article to do that; that combination is far too inconvenient to be suited for anything but the most severe threat model. Nonetheless, now you know.
Fingerprinting and the Dream of Privacy
As you may have noted in the browser extensions section, avoiding fingerprinting is a nightmare. Even on hardened Librewolf, letting your browser go a little too long without updating can expose you to fingerprinting. Likewise, while Mullvad is much better than Librewolf out of the box, its slower release cycle means that Mullvad users often have a harder time blending in with Firefox/other Gecko-based browser users. Tor actually has the same “issue”, although since traffic is routed through the Tor network, blending in with traditional Firefox users isn’t feasible anyway.
And as we noted in the previous section, there isn’t really a ceiling to privacy. If you draw the line at easy fingerprinting, you could be satisfied with Mullvad or Librewolf. If you want greater privacy than that, you’ll have to graduate to Tor, then add Tails or Whonix, and so on. The truth is that the systems we use are not built for privacy - privacy comes at ever-increasing costs if you try to chase the ever-elusive “total” privacy. Even the “best” software is no complete guarantee - Intel chips, for instance, have “management engines” that could potentially serve as backdoors (but can be disabled, albeit at risk of damage to the PC). And, of course, even a “completely private” system could be exposed to new vulnerabilities down the line, and certainly wouldn’t protect you from leaving your passwords lying around. The absolute most private option is to have no online access at all.
At the end of the day, it just comes down to how important privacy is to you personally. Every step we make to secure our privacy is a good one.

